I have no idea how to pierce firewalls with lesser operating systems,
but you can take one of these old disused computers
(about anything with 8MB of RAM and an ethernet card should do),
install Linux or BSD as on it, and pierce the firewall with it,
while serving as a router for other machines running lesser OSes.
See appropriate HOWTOs about routing, IP forwarding, NAT, etc.

I don't know the details, but a promising tool to pierce firewalls is
Chris Mason's Bouncer,
which acts as a SOCKS-proxy-over-SSL.

There are other kinds of firewalls
than those that allow for direct ssh or telnet connections.
As long as a continuous flow of packets
may transmit information through a firewall in both directions,
it is possible to pierce it;
only the price of writing the piercer may be higher or lower.

In a very easy case, we saw that you can just launch ssh
over a pty master and do some pppd in the slave tty.
You may even want to do it without an adverse firewall,
just so as to build a secure ``VPN'' (Virtual Private Network).
The VPN mini-HOWTO
gives all the details you need about this.
We invite you, as an exercise,
to modify fwprc
so as to use this technique,
or perhaps even so as to use it
inside a previous non-secure fwprc session.

Now, if the only way through the firewall is a WWW proxy
(usually, a minimum for an Internet-connected network),
you might want to use
Chris Chiappa's
script
ssh-https-tunnel.

Another promising program for piercing through HTTP is
Lars Brinkoff's
httptunnel,
a http server and client combination that achieves a TCP/IP tunnel connection
through the proxy-friendly HTTP protocol.
You should then be able to run fwprc
(preferably over ssh)
over that connection, although I haven't tried it yet.
Could anyone test and report?
Note that httptunnel is still under development,
so you may help implement
the features it currently lacks,
like, having multiple connections, and/or serving fake pages
so as to mislead suspicious adverse firewall administrators.

Whatever goes through your firewall,
be it telnet, HTTP or other TCP/IP connections,
or something real weird like DNS queries, ICMP packets, e-mail
(see mailtunnel,
icmptunnel),
or whatelse,
you can always write a tunnel client/server combination,
and run a ssh and/or PPP connection through it.
The performance mightn't be high,
depending on the effective information communication rate
after paying the overhead for coding around filters and proxies;
but such a tunnel is still interesting as long as it's good enough
to use fetchmail, suck,
and other non-interactive programs.

If you need cross a 7-bit line, you'll want to use SLIP instead of PPP.
I never tried, because lines are more or less 8-bit clean these days,
but it shouldn't be difficult.
If necessary, fall back to using the
Term-Firewall mini-HOWTO.

If you have an 8-bit clean connection and you're root on linux both sides
of the firewall, you might want to use ethertap for better performance,
encapsulating raw ethernet communications on top of your connection.
David Madore has written ethertap-over-TCP and ethertap-over-UDP tunneling
ftp://quatramaran.ens.fr/pub/madore/misc/.
There remains to write some ethertap-over-tty to combine with fwprc-like tools.

If you really need more performance than you can get
while paying for a user-space sequential communication tunnel
through which to run PPP,
then you're in the very hard case
where you might have to re-hack a weird IP stack,
using (for instance) the Fox project's packet-protocol functors.
You'll then achieve some direct IP-over-HTTP, IP-over-DNS, IP-over-ICMP,
or such, which requires not only an elaborate protocol,
but also an interface to an OS kernel, both of which are costly to implement.

Finally, if you're not fighting against an adverse firewall,
but just building your own VPN, there is a large offer of VPN tools,
and although the tricks I present are simple, work well,
and might be enough for your needs, it could be a good idea
to look at this evolving offer (that I do not know much about)
for a solution that fits your requirements of performance and maintainability.

I felt it was necessary to write it,
but I don't have that much time for that,
so this mini-HOWTO is very rough.
Thus will it stay,
until I get enough feedback so as to know what sections to enhance,
or better, until someone comes and takes over maintenance for the mini-HOWTO.
Feedback welcome. Help welcome. mini-HOWTO maintenance take-over welcome.

In any case, the above sections have shown many problems
whose solution is just a matter of someone (you?)
spending some time (or money, by hiring someone else)
to sit down and write it:
nothing conceptually complicated,
though the details might be burdensome or tricky.

Do not hesitate to contribute more problems, and hopefully more solutions,
to this mini-HOWTO.

I've come to the conclusion that much like the need for Design Patterns
came directly from the fact that people were using inferior languages
like C++ or Java
that don't allow to directly express higher-level programming constructs
(whereas good languages such as LISP
allow to express them),
the need HOWTOs comes directly from the fact that
Linux and UNIX systems
are inferior operating systems that do not allow to directly express
those simple tasks that people attempt to do with them.

If you think that all this mucking around with stupid scripts and silly HOWTOs
is overly complicated and that a decent computer system ought
to automate it all for you, then welcome with me among
UNIX haters
and other people who hate current low-level operating systems,
and yearn for declarative computing systems
that take care of the silly details and let us focus on things that matter.
(Maybe have a peek at my own
TUNES project).

"I hereby disclaim all responsibility for
your use of this hack.
If it backfires on you in any way whatsoever,
that's the breaks. Not my fault.
If you don't understand the risks inherent in doing this, don't do it.
If you use this hack and it allows vicious vandals
to break into your company's computers and costs you your job and
your company millions of dollars, well that's just tough nuggies.
Don't come crying to me."